We seem to only talk about account security in the aftermath of an attack or breach. It feels like the worst possible time to do so, as it’s reactive, and begs the question, “why weren’t these preventive efforts made earlier?”. Nothing bad has happened this time (we hope it will continue this way) but in the interest of being proactive, we’re here with a reminder of the features and best practices you can take advantage of to ensure your OpenSRS account is as secure as it can be. Here are some ideas you can adopt today:
Embrace stronger password management techniques
This is the obvious starting point for this conversation. It’s 2017, and we still see poor password management and hygiene. A while back we announced that we would be forcing a password reset every six months. You can do it more often if you’d like (in fact, we encourage you to do so). While frequent resets are important, the strength of the password you choose is crucial to maintaining a high level of security. Here are some tips:
- The longer, the better
- Mix uppercase and lowercase, numbers and special characters
- Don’t make it predictable. Your pet’s name is not a secure password
- Consider using password management software such as 1Password (paid) or LastPass (free)
Enable two-factor authentication for your account
Two-factor authentication adds another layer of protection against unauthorized access to your account. With two-factor authentication enabled, a secondary means of identity verification, in addition to your password, is required to access your account. You can choose the method that works best for you: either a time-based token obtained through an app or one obtained via SMS.
Take advantage of user management and permission profiles
This is another simple step towards making your account bullet (or hacker) proof. Chances are that you have multiple people accessing your OpenSRS account, and not everyone needs the same level of access. Your OpenSRS Control Panel allows you to add and edit user accounts, and set permission profiles to control the functions enabled for each of these users. If you manage multiple brands but don’t require every user to have access to all of them, you can even restrict permissions on a per-brand basis.
So there you have it, three simple steps you can take immediately to boost the security of your OpenSRS account, in just a few minutes. One final quick tip: you can apply many of these best practices to your other online accounts, including banking and social media. It’s an important first step in protecting yourself, and your company online.